Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On March 11, 2026, U.S. medical technology company Stryker Corporation disclosed a cyber attack that disrupted its global internal networks and Microsoft systems, leaving thousands of employees unable to access corporate systems and devices inoperable. In its SEC filing, Stryker stated it has no indication of ransomware or malware, considers the incident contained, and is assessing the full impact, with no timeline provided for full restoration.

On March 12, 2026, Veeam released fixes for multiple high and critical severity vulnerabilities in their Backup & Replication product that could allow remote code execution (RCE), privilege escalation, and credential theft. Arctic Wolf has not identified publicly available proof-of-concept exploits for these vulnerabilities, nor have we observed any exploitation.

CVE-2026-21262 is an elevation of privilege vulnerability affecting Microsoft SQL Server. The issue is caused by improper access control within SQL Server components, allowing an authenticated attacker to elevate privileges over a network.

A simple guide for understanding how ASM actually supports your security program. We often hear organizations ask.

According to a 2024 report from IoT Analytics, there were 16.6 billion Internet of Things (IoT) connected devices at the end of 2023, and that number is expected to grow to 41.1 billion by 2030. This means an increased attack surface for malicious actors to take advantage of, especially given that the security posture of the vendors that provide these devices varies greatly.

SCA tools often generate multiple CVEs for the same dependency, creating unnecessary tickets and slowing remediation. Aggregating those findings into a single fix helps AppSec teams reduce ticket sprawl and align security work with how developers actually resolve vulnerabilities.

The concentration of dangerous software flaws is accelerating. The number of high-risk vulnerabilities – those with both high severity and high exploitability – has surged by 36% year-over-year, according to the 2026 State of Software Security Report. This trend indicates a critical problem: more risk is entering your codebase faster than ever before.

OAuth and OpenID Connect are the backbone of modern cloud-native identity and access management. From SaaS platforms and internal APIs to Kubernetes microservices, these protocols are responsible for verifying who is allowed to access what. When a vulnerability appears in a widely used authentication library, the impact can cascade across entire application ecosystems.

A vulnerability assessment is a systematic process for identifying, classifying, and prioritizing security weaknesses across an organization's IT infrastructure, software, and hardware before attackers can exploit them.

Proactive instead of reactive. Are you tired of hearing that already? This phrase seems to appear in almost every elevator pitch. But when it comes to cybersecurity, anticipating threats is essential. Attackers are more professional, automated, and faster than ever. The damage they cause keeps growing, and the window you have after the first alarm to protect your organization is shrinking.